Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323139393a3a2f34382d3438203d3e20323135373239.roa
File:                     326131343a373538313a323139393a3a2f34382d3438203d3e20323135373239.roa (raw, json)
Hash identifier:          fHLLQ5ZMkLcg8K4Wx5WQOpM18tgis+f3Gg3GYdAZ8QI=
Subject key identifier:   DC:10:CB:B0:7A:3A:06:AB:26:3C:3A:CF:58:57:2F:A6:44:0F:C7:67
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       1615E44906B34920F5BD0AC02C80D4630B119340
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323139393a3a2f34382d3438203d3e20323135373239.roa
Signing time:             Wed 20 Mar 2024 16:21:28 +0000
ROA not before:           Wed 20 Mar 2024 16:16:28 +0000
ROA not after:            Wed 19 Mar 2025 16:21:28 +0000
asID:                     215729
IP address blocks:        2a14:7581:2199::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 12 Oct 2024 16:28:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:15:e4:49:06:b3:49:20:f5:bd:0a:c0:2c:80:d4:63:0b:11:93:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Mar 20 16:16:28 2024 GMT
            Not After : Mar 19 16:21:28 2025 GMT
        Subject: CN=DC10CBB07A3A06AB263C3ACF58572FA6440FC767
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d3:15:5c:d3:02:8c:6f:63:40:fa:70:10:12:
                    b2:1c:f8:11:ac:a2:fe:bf:1b:fc:4a:2c:54:7c:71:
                    9d:c4:51:6a:8d:5d:16:1d:02:88:a6:f8:82:d9:a6:
                    70:75:8a:36:79:48:d2:99:09:93:41:2f:99:d8:a9:
                    b3:a5:de:f7:28:fd:6d:e0:ae:ed:df:c1:f0:95:1e:
                    aa:df:3b:45:28:8e:a0:57:02:1c:d3:99:12:02:1d:
                    dc:12:e7:dd:d7:c6:43:59:27:40:57:dd:0e:e4:9d:
                    5d:74:f9:0e:32:95:c0:86:85:8c:7a:a3:64:d5:8a:
                    b4:43:32:cd:cb:e6:fa:dd:0b:e1:0c:31:d9:43:84:
                    7c:ba:9f:6d:7f:fc:da:fb:27:d1:ea:e5:96:17:01:
                    33:1b:c2:0f:34:3e:05:f3:cc:45:96:b4:f4:c1:d5:
                    2f:e1:87:e0:ba:87:04:23:7a:78:78:24:05:d1:3d:
                    7e:76:d6:9a:bc:ac:b6:de:96:16:68:c5:17:c2:f8:
                    15:2e:b9:85:0c:a0:60:dd:fc:ee:a1:02:ca:34:ef:
                    91:dc:6a:0b:df:3c:24:eb:46:5d:4f:28:3b:90:5c:
                    9d:7c:6a:75:90:f0:66:e6:cd:3c:26:28:7c:0a:fc:
                    9a:7b:12:bf:a2:f7:dd:05:6f:e4:a1:26:a7:c1:d7:
                    ac:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:10:CB:B0:7A:3A:06:AB:26:3C:3A:CF:58:57:2F:A6:44:0F:C7:67
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323139393a3a2f34382d3438203d3e20323135373239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2199::/48

    Signature Algorithm: sha256WithRSAEncryption
         bb:9c:e1:12:5d:a0:9e:83:cc:96:7d:47:44:59:6a:76:2c:4f:
         48:33:d7:20:76:c8:2e:91:b9:a6:93:f0:f6:50:fb:bf:b1:32:
         f3:20:ff:43:22:83:29:74:63:26:bb:96:fe:26:58:42:a6:e8:
         db:5b:8d:89:78:d3:26:39:ff:64:44:e3:1a:d1:a2:45:d3:f1:
         35:b8:5e:9d:bc:42:a1:23:bc:0a:32:5a:a1:86:6e:cf:ae:8e:
         e0:18:40:c8:01:47:8d:1c:5e:36:51:99:9d:27:2c:23:ac:14:
         f3:78:f3:27:da:e3:49:b2:e7:4b:74:2e:e0:7a:87:f6:f1:93:
         8e:13:ea:b3:b7:77:7a:f1:33:1d:92:9b:21:f5:59:ad:11:4b:
         37:6d:1e:ad:61:9c:af:8c:19:cb:ca:60:a6:d2:31:0a:cd:80:
         f0:b0:cc:b1:78:20:32:7a:f8:cf:e0:50:e6:84:11:59:66:84:
         89:1e:72:ed:a3:7a:d5:b9:b9:b7:8a:a7:9e:e8:bf:53:c0:15:
         48:c1:01:3b:16:2c:66:ea:05:23:c8:f1:01:06:5b:48:fc:46:
         4b:b4:97:bc:15:cb:cb:dc:12:ac:18:45:0e:c4:b7:7b:c5:af:
         40:62:9a:e5:28:20:4d:7f:e7:29:b8:ff:39:59:90:33:6d:8b:
         ef:61:d3:b7
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUFhXkSQazSSD1vQrALIDUYwsRk0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDAzMjAxNjE2MjhaFw0yNTAzMTkxNjIxMjhaMDMxMTAvBgNV
BAMTKERDMTBDQkIwN0EzQTA2QUIyNjNDM0FDRjU4NTcyRkE2NDQwRkM3NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf0xVc0wKMb2NA+nAQErIc+BGs
ov6/G/xKLFR8cZ3EUWqNXRYdAoim+ILZpnB1ijZ5SNKZCZNBL5nYqbOl3vco/W3g
ru3fwfCVHqrfO0UojqBXAhzTmRICHdwS593XxkNZJ0BX3Q7knV10+Q4ylcCGhYx6
o2TVirRDMs3L5vrdC+EMMdlDhHy6n21//Nr7J9Hq5ZYXATMbwg80PgXzzEWWtPTB
1S/hh+C6hwQjenh4JAXRPX521pq8rLbelhZoxRfC+BUuuYUMoGDd/O6hAso075Hc
agvfPCTrRl1PKDuQXJ18anWQ8GbmzTwmKHwK/Jp7Er+i990Fb+ShJqfB16wNAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU3BDLsHo6BqsmPDrPWFcvpkQPx2cwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzEzOTM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzczMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSGZMA0GCSqGSIb3DQEBCwUAA4IBAQC7
nOESXaCeg8yWfUdEWWp2LE9IM9cgdsgukbmmk/D2UPu/sTLzIP9DIoMpdGMmu5b+
JlhCpujbW42JeNMmOf9kROMa0aJF0/E1uF6dvEKhI7wKMlqhhm7Pro7gGEDIAUeN
HF42UZmdJywjrBTzePMn2uNJsudLdC7geof28ZOOE+qzt3d68TMdkpsh9VmtEUs3
bR6tYZyvjBnLymCm0jEKzYDwsMyxeCAyevjP4FDmhBFZZoSJHnLto3rVubm3iqee
6L9TwBVIwQE7Fixm6gUjyPEBBltI/EZLtJe8FcvL3BKsGEUOxLd7xa9AYprlKCBN
f+cpuP85WZAzbYvvYdO3
-----END CERTIFICATE-----